applications/luci-firewall: use option "name" instead of deprecated "_name", expose...

diff --git a/applications/luci-firewall/luasrc/model/cbi/firewall/forward-details.lua b/applications/luci-firewall/luasrc/model/cbi/firewall/forward-details.lua
index 1cc5ecbb469d88b9ea56e3b8a9442f3b1cac5dd7..c3618ec01b665dd1b6b353d52e3297120e69a1f2 100644 (file)
--- a/applications/luci-firewall/luasrc/model/cbi/firewall/forward-details.lua
+++ b/applications/luci-firewall/luasrc/model/cbi/firewall/forward-details.lua
@@ -14,6 +14,9 @@ $Id$
 
 local sys = require "luci.sys"
 local dsp = require "luci.dispatcher"
 
 local sys = require "luci.sys"
 local dsp = require "luci.dispatcher"

+local ft  = require "luci.tools.firewall"
+
+local m, s, o

 
 arg[1] = arg[1] or ""
 
 
 arg[1] = arg[1] or ""
 


@@ -29,7 +32,7 @@ if m.uci:get("firewall", arg[1]) ~= "redirect" then
        luci.http.redirect(m.redirect)
        return
 else
        luci.http.redirect(m.redirect)
        return
 else

-       local name = m:get(arg[1], "_name")
+       local name = m:get(arg[1], "name") or m:get(arg[1], "_name")

        if not name or #name == 0 then
                name = translate("(Unnamed Entry)")
        end
        if not name or #name == 0 then
                name = translate("(Unnamed Entry)")
        end


@@ -56,26 +59,17 @@ s = m:section(NamedSection, arg[1], "redirect", "")
 s.anonymous = true
 s.addremove = false
 
 s.anonymous = true
 s.addremove = false
 

-s:tab("general", translate("General Settings"))
-s:tab("advanced", translate("Advanced Settings"))
-
-name = s:taboption("general", Value, "_name", translate("Name"))
-name.rmempty = true
-name.size = 10
+ft.opt_enabled(s, Button)
+ft.opt_name(s, Value, translate("Name"))

 
 

-src = s:taboption("advanced", Value, "src", translate("Source zone"))
-src.nocreate = true
-src.default = "wan"
-src.template = "cbi/firewall_zonelist"

 
 

-proto = s:taboption("general", Value, "proto", translate("Protocol"))
-proto.optional = true
-proto:value("tcp udp", "TCP+UDP")
-proto:value("tcp", "TCP")
-proto:value("udp", "UDP")
-proto:value("icmp", "ICMP")
+o = s:option(Value, "proto", translate("Protocol"))
+o:value("tcp udp", "TCP+UDP")
+o:value("tcp", "TCP")
+o:value("udp", "UDP")
+o:value("icmp", "ICMP")

 
 

-function proto.cfgvalue(...)
+function o.cfgvalue(...)

        local v = Value.cfgvalue(...)
        if not v or v == "tcpudp" then
                return "tcp udp"
        local v = Value.cfgvalue(...)
        if not v or v == "tcpudp" then
                return "tcp udp"


@@ -83,66 +77,88 @@ function proto.cfgvalue(...)
        return v
 end
 
        return v
 end
 

-dport = s:taboption("general", Value, "src_dport", translate("External port"),
-       translate("Match incoming traffic directed at the given " ..
-               "destination port or port range on this host"))
-dport.datatype = "portrange"

 
 

-to = s:taboption("general", Value, "dest_ip", translate("Internal IP address"),
-       translate("Redirect matched incoming traffic to the specified " ..
-               "internal host"))
-to.datatype = "ip4addr"
-for i, dataset in ipairs(sys.net.arptable()) do
-       to:value(dataset["IP address"])
-end
-
-toport = s:taboption("general", Value, "dest_port", translate("Internal port (optional)"),
-       translate("Redirect matched incoming traffic to the given port on " ..
-               "the internal host"))
-toport.optional = true
-toport.placeholder = "0-65535"
-toport.datatype = "portrange"
+o = s:option(Value, "src", translate("Source zone"))
+o.nocreate = true
+o.default = "wan"
+o.template = "cbi/firewall_zonelist"

 
 

-dest = s:taboption("advanced", Value, "dest", translate("Destination zone"))
-dest.nocreate = true
-dest.default = "lan"
-dest.template = "cbi/firewall_zonelist"
-
-src_dip = s:taboption("advanced", Value, "src_dip",
-       translate("Intended destination address"),
-       translate("Only match incoming traffic directed at the given IP address."))

 
 

-src_dip.optional = true
-src_dip.datatype = "ip4addr"
-src_dip.placeholder = translate("any")
-
-src_mac = s:taboption("advanced", DynamicList, "src_mac",
+o = s:option(DynamicList, "src_mac",

        translate("Source MAC address"),
        translate("Only match incoming traffic from these MACs."))
        translate("Source MAC address"),
        translate("Only match incoming traffic from these MACs."))

-src_mac.optional = true
-src_mac.datatype = "macaddr"
-src_mac.placeholder = translate("any")
+o.rmempty = true
+o.datatype = "macaddr"
+o.placeholder = translate("any")
+

 
 

-src_ip = s:taboption("advanced", Value, "src_ip",
+o = s:option(Value, "src_ip",

        translate("Source IP address"),
        translate("Only match incoming traffic from this IP or range."))
        translate("Source IP address"),
        translate("Only match incoming traffic from this IP or range."))

-src_ip.optional = true
-src_ip.datatype = "neg(ip4addr)"
-src_ip.placeholder = translate("any")
+o.rmempty = true
+o.datatype = "neg(ip4addr)"
+o.placeholder = translate("any")

 
 

-sport = s:taboption("advanced", Value, "src_port",
+
+o = s:option(Value, "src_port",

        translate("Source port"),
        translate("Only match incoming traffic originating from the given source port or port range on the client host"))
        translate("Source port"),
        translate("Only match incoming traffic originating from the given source port or port range on the client host"))

-sport.optional = true
-sport.datatype = "portrange"
-sport.placeholder = translate("any")
-
-reflection = s:taboption("advanced", Flag, "reflection", translate("Enable NAT Loopback"))
-reflection.rmempty = true
-reflection.default = reflection.enabled
-reflection:depends({ target = "DNAT", src = wan_zone })
-reflection.cfgvalue = function(...)
+o.rmempty = true
+o.datatype = "portrange"
+o.placeholder = translate("any")
+
+
+o = s:option(Value, "src_dip",
+       translate("External IP address"),
+       translate("Only match incoming traffic directed at the given IP address."))
+
+o.rmempty = true
+o.datatype = "ip4addr"
+o.placeholder = translate("any")
+
+
+o = s:option(Value, "src_dport", translate("External port"),
+       translate("Match incoming traffic directed at the given " ..
+               "destination port or port range on this host"))
+o.datatype = "portrange"
+
+
+
+o = s:option(Value, "dest", translate("Internal zone"))
+o.nocreate = true
+o.default = "lan"
+o.template = "cbi/firewall_zonelist"
+
+
+o = s:option(Value, "dest_ip", translate("Internal IP address"),
+       translate("Redirect matched incoming traffic to the specified \
+               internal host"))
+o.datatype = "ip4addr"
+for i, dataset in ipairs(sys.net.arptable()) do
+       o:value(dataset["IP address"])
+end
+
+
+o = s:option(Value, "dest_port",
+       translate("Internal port"),
+       translate("Redirect matched incoming traffic to the given port on \
+               the internal host"))
+o.placeholder = translate("any")
+o.datatype = "portrange"
+
+
+o = s:option(Flag, "reflection", translate("Enable NAT Loopback"))
+o.rmempty = true
+o.default = o.enabled
+o:depends("src", wan_zone)
+o.cfgvalue = function(...)

        return Flag.cfgvalue(...) or "1"
 end
 
        return Flag.cfgvalue(...) or "1"
 end
 

+
+s:option(Value, "extra",
+       translate("Extra arguments"),
+       translate("Passes additional arguments to iptables. Use with care!"))
+
+

 return m
 return m

diff --git a/applications/luci-firewall/luasrc/model/cbi/firewall/forwards.lua b/applications/luci-firewall/luasrc/model/cbi/firewall/forwards.lua
index b07aa90417f132a9715350e971ffbcfe5a944776..714b08e79ce0100b52731a9323542ff447629f2b 100644 (file)
--- a/applications/luci-firewall/luasrc/model/cbi/firewall/forwards.lua
+++ b/applications/luci-firewall/luasrc/model/cbi/firewall/forwards.lua
@@ -49,7 +49,7 @@ function s.create(self, section)
                self.map:set(created, "src_dport", e)
                self.map:set(created, "dest_ip",   a)
                self.map:set(created, "dest_port", i)
                self.map:set(created, "src_dport", e)
                self.map:set(created, "dest_ip",   a)
                self.map:set(created, "dest_port", i)

-               self.map:set(created, "_name",     n)
+               self.map:set(created, "name",      n)

        end
 
        if p ~= "other" then
        end
 
        if p ~= "other" then


@@ -71,10 +71,9 @@ function s.filter(self, sid)
        return (self.map:get(sid, "target") ~= "SNAT")
 end
 
        return (self.map:get(sid, "target") ~= "SNAT")
 end
 

-name = s:option(DummyValue, "_name", translate("Name"))
-function name.cfgvalue(self, s)
-       return self.map:get(s, "_name") or "-"
-end
+
+ft.opt_name(s, DummyValue, translate("Name"))
+

 
 proto = s:option(DummyValue, "proto", translate("Protocol"))
 proto.rawhtml = true
 
 proto = s:option(DummyValue, "proto", translate("Protocol"))
 proto.rawhtml = true


@@ -131,4 +130,6 @@ function dest.cfgvalue(self, s)
        end
 end
 
        end
 end
 

+ft.opt_enabled(s, Flag, translate("Enable")).width = "1%"
+

 return m
 return m

diff --git a/applications/luci-firewall/luasrc/model/cbi/firewall/rule-details.lua b/applications/luci-firewall/luasrc/model/cbi/firewall/rule-details.lua
index 1f7df65136b3fbcb02c8a9c120a8689271174297..25666dd488c2b0d377bb07da14b427a1d2ee70af 100644 (file)
--- a/applications/luci-firewall/luasrc/model/cbi/firewall/rule-details.lua
+++ b/applications/luci-firewall/luasrc/model/cbi/firewall/rule-details.lua
@@ -17,6 +17,7 @@ local sys = require "luci.sys"
 local dsp = require "luci.dispatcher"
 local nxo = require "nixio"
 
 local dsp = require "luci.dispatcher"
 local nxo = require "nixio"
 

+local ft = require "luci.tools.firewall"

 local nw = require "luci.model.network"
 local m, s, o, k, v
 
 local nw = require "luci.model.network"
 local m, s, o, k, v
 


@@ -46,7 +47,7 @@ if not rule_type then
 --
 elseif rule_type == "redirect" then
 
 --
 elseif rule_type == "redirect" then
 

-       local name = m:get(arg[1], "_name")
+       local name = m:get(arg[1], "name") or m:get(arg[1], "_name")

        if not name or #name == 0 then
                name = translate("(Unnamed SNAT)")
        else
        if not name or #name == 0 then
                name = translate("(Unnamed SNAT)")
        else


@@ -76,9 +77,8 @@ elseif rule_type == "redirect" then
        s.addremove = false
 
 
        s.addremove = false
 
 

-       o = s:option(Value, "_name", translate("Name"))
-       o.rmempty = true
-       o.size = 10
+       ft.opt_enabled(s, Button)
+       ft.opt_name(s, Value, translate("Name"))

 
 
        o = s:option(Value, "proto",
 
 
        o = s:option(Value, "proto",


@@ -115,7 +115,7 @@ elseif rule_type == "redirect" then
 
        o = s:option(Value, "src_ip", translate("Source IP address"))
        o.rmempty = true
 
        o = s:option(Value, "src_ip", translate("Source IP address"))
        o.rmempty = true

-       o.datatype = "neg(ip4addr)"
+       o.datatype = "neg(ipaddr)"

        o.placeholder = translate("any")
 
 
        o.placeholder = translate("any")
 
 


@@ -176,15 +176,29 @@ elseif rule_type == "redirect" then
        o.placeholder = translate('Do not rewrite')
 
 
        o.placeholder = translate('Do not rewrite')
 
 

+       s:option(Value, "extra",
+               translate("Extra arguments"),
+               translate("Passes additional arguments to iptables. Use with care!"))
+
+

 --
 -- Rule
 --
 else
 --
 -- Rule
 --
 else

+       local name = m:get(arg[1], "name") or m:get(arg[1], "_name")
+       if not name or #name == 0 then
+               name = translate("(Unnamed Rule)")
+       end
+
+       m.title = "%s - %s" %{ translate("Firewall - Traffic Rules"), name }
+
+

        s = m:section(NamedSection, arg[1], "rule", "")
        s.anonymous = true
        s.addremove = false
 
        s = m:section(NamedSection, arg[1], "rule", "")
        s.anonymous = true
        s.addremove = false
 

-       s:option(Value, "_name", translate("Name").." "..translate("(optional)"))
+       ft.opt_enabled(s, Button)
+       ft.opt_name(s, Value, translate("Name"))

 
 
        o = s:option(ListValue, "family", translate("Restrict to address family"))
 
 
        o = s:option(ListValue, "family", translate("Restrict to address family"))


@@ -295,6 +309,11 @@ else
        o:value("ACCEPT", translate("accept"))
        o:value("REJECT", translate("reject"))
        o:value("NOTRACK", translate("don't track"))
        o:value("ACCEPT", translate("accept"))
        o:value("REJECT", translate("reject"))
        o:value("NOTRACK", translate("don't track"))

+
+
+       s:option(Value, "extra",
+               translate("Extra arguments"),
+               translate("Passes additional arguments to iptables. Use with care!"))

 end
 
 return m
 end
 
 return m

diff --git a/applications/luci-firewall/luasrc/model/cbi/firewall/rules.lua b/applications/luci-firewall/luasrc/model/cbi/firewall/rules.lua
index f76380c79b28c6f433537ea14e732157bc6a3080..290096ba44243ce44563ec05216b8119b002a4c3 100644 (file)
--- a/applications/luci-firewall/luasrc/model/cbi/firewall/rules.lua
+++ b/applications/luci-firewall/luasrc/model/cbi/firewall/rules.lua
@@ -59,7 +59,7 @@ function s.parse(self, ...)
                self.map:set(created, "src",       "wan")
                self.map:set(created, "proto",     (i_p ~= "other") and i_p or "all")
                self.map:set(created, "dest_port", i_e)
                self.map:set(created, "src",       "wan")
                self.map:set(created, "proto",     (i_p ~= "other") and i_p or "all")
                self.map:set(created, "dest_port", i_e)

-               self.map:set(created, "_name",     i_n)
+               self.map:set(created, "name",      i_n)

 
                if i_p ~= "other" and i_e and #i_e > 0 then
                        created = nil
 
                if i_p ~= "other" and i_e and #i_e > 0 then
                        created = nil


@@ -71,7 +71,7 @@ function s.parse(self, ...)
                self.map:set(created, "target", "ACCEPT")
                self.map:set(created, "src",    f_s)
                self.map:set(created, "dest",   f_d)
                self.map:set(created, "target", "ACCEPT")
                self.map:set(created, "src",    f_s)
                self.map:set(created, "dest",   f_d)

-               self.map:set(created, "_name",  f_n)
+               self.map:set(created, "name",   f_n)

        end
 
        if created then
        end
 
        if created then


@@ -82,10 +82,7 @@ function s.parse(self, ...)
        end
 end
 
        end
 end
 

-name = s:option(DummyValue, "_name", translate("Name"))
-function name.cfgvalue(self, s)
-       return self.map:get(s, "_name") or "-"
-end
+ft.opt_name(s, DummyValue, translate("Name"))

 
 family = s:option(DummyValue, "family", translate("Family"))
 function family.cfgvalue(self, s)
 
 family = s:option(DummyValue, "family", translate("Family"))
 function family.cfgvalue(self, s)


@@ -170,6 +167,8 @@ function target.cfgvalue(self, s)
        end
 end
 
        end
 end
 

+ft.opt_enabled(s, Flag, translate("Enable")).width = "1%"
+

 
 --
 -- SNAT
 
 --
 -- SNAT


@@ -210,7 +209,7 @@ function s.parse(self, ...)
                self.map:set(created, "proto",     "all")
                self.map:set(created, "src_dip",   a)
                self.map:set(created, "src_dport", p)
                self.map:set(created, "proto",     "all")
                self.map:set(created, "src_dip",   a)
                self.map:set(created, "src_dport", p)

-               self.map:set(created, "_name",     n)
+               self.map:set(created, "name",      n)

        end
 
        if created then
        end
 
        if created then


@@ -225,10 +224,7 @@ function s.filter(self, sid)
        return (self.map:get(sid, "target") == "SNAT")
 end
 
        return (self.map:get(sid, "target") == "SNAT")
 end
 

-name = s:option(DummyValue, "_name", translate("Name"))
-function name.cfgvalue(self, s)
-       return self.map:get(s, "_name") or "-"
-end
+ft.opt_name(s, DummyValue, translate("Name"))

 
 proto = s:option(DummyValue, "proto", translate("Protocol"))
 proto.rawhtml = true
 
 proto = s:option(DummyValue, "proto", translate("Protocol"))
 proto.rawhtml = true


@@ -285,5 +281,7 @@ function snat.cfgvalue(self, s)
        end
 end
 
        end
 end
 

+ft.opt_enabled(s, Flag, translate("Enable")).width = "1%"
+

 
 return m
 
 return m

diff --git a/applications/luci-firewall/luasrc/tools/firewall.lua b/applications/luci-firewall/luasrc/tools/firewall.lua
index 1847d14a7e397e5cc92c2a42e53665e66c37f0dd..52bce63218593dfbf972a9f88069a0ef8992fb0f 100644 (file)
--- a/applications/luci-firewall/luasrc/tools/firewall.lua
+++ b/applications/luci-firewall/luasrc/tools/firewall.lua
@@ -227,3 +227,61 @@ function fmt_target(x, dest)
                end
        end
 end
                end
        end
 end

+
+
+function opt_enabled(s, t, ...)
+       if t == luci.cbi.Button then
+               local o = s:option(t, "__enabled")
+               function o.render(self, section)
+                       if self.map:get(section, "enabled") ~= "0" then
+                               self.title      = translate("Rule is enabled")
+                               self.inputtitle = translate("Disable")
+                               self.inputstyle = "reset"
+                       else
+                               self.title      = translate("Rule is disabled")
+                               self.inputtitle = translate("Enable")
+                               self.inputstyle = "apply"
+                       end
+                       t.render(self, section)
+               end
+               function o.write(self, section, value)
+                       if self.map:get(section, "enabled") ~= "0" then
+                               self.map:set(section, "enabled", "0")
+                       else
+                               self.map:del(section, "enabled")
+                       end
+               end
+               return o
+       else
+               local o = s:option(t, "enabled", ...)
+                     o.enabled = ""
+                         o.disabled = "0"
+                     o.default = o.enabled
+               return o
+       end
+end
+
+function opt_name(s, t, ...)
+       local o = s:option(t, "name", ...)
+
+       function o.cfgvalue(self, section)
+               return self.map:get(section, "name") or
+                       self.map:get(section, "_name") or "-"
+       end
+
+       function o.write(self, section, value)
+               if value ~= "-" then
+                       self.map:set(section, "name", value)
+                       self.map:del(section, "_name")
+               else
+                       self:remove(section)
+               end
+       end
+
+       function o.remove(self, section)
+               self.map:del(section, "name")
+               self.map:del(section, "_name")
+       end
+
+       return o
+end